On Tue, Feb 10, 2026 at 1:35 PM Matus UHLAR - fantomas via Postfix-users <
[email protected]> wrote:
note that if your intent is to filter spam, you should better implement
policy filter in
smtp_data_restrictions
- to find out number of recipients
and/or
smtpd_end_of_data_restrictions
- to know the total size of mail sent
I have implemented postfwd, and use it on both of those, counting total
number of recipients/mails per unit in the first and total size of mail
send
in the latter
(can provide details if needed)
On 10.02.26 19:22, Alex via Postfix-users wrote:
Yes, please. Although I finally have cbpolicyd/cluebringer running,
configuring it is another whole project, it seems.
I looked at postfwd and cluebringer docs and postfwd seemed easier to
understand, tho it looks like programing in old BASIC - linear with many
GOTOs (jump action)
Note that I didn't fill individual rates here, not sure it supports custom
variables so you'd need to replace IN-* and DF-* by numbers.
# at the beginning
id=SIZE ; protocol_state==END-OF-MESSAGE ; action=jump(SIZE-1-1)
# user1, internal network
id=INTERNAL-USER1-RCPT-01 ; &&INTERNAL ; sasl_username==user1 ;
action=rcpt(sasl_username/IN-U1-1/3600/WARN INTERNAL-USER1 rcpt limit of IN-U1-1
recipients in 1 hour exceeded [$$ratecount hits])
id=INTERNAL-USER1-RCPT-02 ; &&INTERNAL ; sasl_username==user1 ;
action=rcpt(sasl_username/IN-U1-6/21600/WARN INTERNAL-USER1 rcpt limit of IN-U1-6
recipients in 6 hours exceeded [$$ratecount hits])
# avoid internal rates for this user
id=INTERNAL-USER1-DEFAULT ; &&INTERNAL ; sasl_username==user1 ;
action=jump(DEFAULT-RATE-01)
# internal network rates
id=INTERNAL-RCPT-01 ; &&INTERNAL ; action=rcpt(sasl_username/IN-1/3600/WARN
INTERNAL rcpt limit of IN-1 recipients in 1 hour exceeded [$$ratecount hits])
id=INTERNAL-RCPT-02 ; &&INTERNAL ; action=rcpt(sasl_username/IN-6/21600/WARN
INTERNAL rcpt limit of IN-6 recipients in 6 hours exceeded [$$ratecount hits])
# default rates
id=DEFAULT-RATE-01 ; action=rate(sasl_username/DF-A1/3600/DEFER DEFAULT rate limit of DF-A1 messages in 1 hour exceeded [$$ratecount hits])
id=DEFAULT-RATE-02 ; action=rate(sasl_username/DF-A6/21600/DEFER DEFAULT rate
limit of DF-A6 messages in 6 hours exceeded [$$ratecount hits])
id=DEFAULT-RCPT-01 ; action=rcpt(sasl_username/DF-C1/3600/DEFER DEFAULT rcpt
limit of DF-C1 recipients in 1 hour exceeded [$$ratecount hits])
id=DEFAULT-RCPT-02 ; action=rcpt(sasl_username/DF-C6/21600/DEFER DEFAULT rcpt
limit of DF-C6 recipients in 6 hours exceeded [$$ratecount hits])
# return dunno if no rate matched
id=DEFAULT ; action=dunno
# SIZE rules here
id=SIZE-1-1 ; action=size(sasl_username/536870912/3600/DEFER SIZE limit of 512
MB in 1 hour exceeded [$$ratecount])
id=SIZE-1-2 ; action=size(sasl_username/419430400/3600/WARN SIZE limit of 400
MB in 1 hour exceeded [$$ratecount])
id=SIZE-2-1 ; action=size(sasl_username/1073741824/21600/DEFER SIZE limit of
1024 MB in 6 hours exceeded [$$ratecount])
id=SIZE-2-2 ; action=size(sasl_username/805306368/21600/WARN SIZE limit of 768
MB in 6 hours exceeded [$$ratecount])
--
Matus UHLAR - fantomas, [email protected] ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Chernobyl was an Windows 95 beta test site.
_______________________________________________
Postfix-users mailing list -- [email protected]
To unsubscribe send an email to [email protected]
